Affected Products

Forescout CounterACT NAC 6.3.4.1; other versions may also be affected.

Details

The Forescout NAC device is vulnerable to cross-site redirection (an open redirect) and could be used to redirect a targeted victim to a malicious site. The 'a' parameter on the 'login' page is vulnerable: its value is used as the redirect destination. See below for details:

http://(NACIP)/assets/login?a=http://www.evil.com

The payload could be delivered by enticing a victim to follow a link in a 'phishing' email.

Impact

An attacker may be able to gain credentials for the NAC device or seek to install malware on the victim's machine via a malicious site.
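
A defender-side check for this issue, added here as an example and not part of the original advisory: it scans web or proxy access logs for requests to the login page whose 'a' parameter points to a host other than the NAC itself. The combined log format, the sample lines and the hostname nac.example.internal are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines; not taken from a real device.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /assets/login HTTP/1.1" 200 512
10.0.0.6 - - [01/Jan/2024:10:00:05 +0000] "GET /assets/login?a=/assets/dashboard HTTP/1.1" 302 0
10.0.0.7 - - [01/Jan/2024:10:00:09 +0000] "GET /assets/login?a=http://www.evil.com HTTP/1.1" 302 0
10.0.0.8 - - [01/Jan/2024:10:00:12 +0000] "GET /assets/login?a=http%3A%2F%2Fwww.evil.com HTTP/1.1" 302 0
10.0.0.9 - - [01/Jan/2024:10:00:15 +0000] "GET /assets/login?a=//www.evil.com/x HTTP/1.1" 302 0
10.0.0.4 - - [01/Jan/2024:10:00:20 +0000] "GET /assets/login?a=http://nac.example.internal/assets/home HTTP/1.1" 302 0
"""

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def redirect_host(value):
    """Return the host an 'a' value would send the browser to, or None for a local path."""
    # Browsers treat backslashes like forward slashes, so normalise before parsing.
    parts = urlsplit(value.strip().replace("\\", "/"))
    return parts.hostname  # None for a relative path such as /assets/dashboard


def find_offsite_redirects(log_text, nac_hosts):
    """Return (client_ip, target_host) for login requests whose 'a' points off the NAC."""
    allowed = {h.lower() for h in nac_hosts}
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if url.path != "/assets/login":
            continue
        # parse_qs percent-decodes, so encoded targets are caught as well.
        for value in parse_qs(url.query).get("a", []):
            host = redirect_host(value)
            if host and host not in allowed:
                hits.append((line.split()[0], host))
    return hits


if __name__ == "__main__":
    for client, host in find_offsite_redirects(SAMPLE_LOG, ["nac.example.internal"]):
        print(f"off-site redirect via login 'a' parameter: client={client} target={host}")
```

The same host comparison, applied server-side before issuing the redirect, is the usual fix: accept only relative paths or hosts on an explicit allow-list.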